CVE-2014-5337

Exploit

EPSS 16.99%
Veröffentlicht 29.08.2014 13:55:05
Zuletzt bearbeitet 06.05.2026 22:30:45
Quelle cve@mitre.org
CVE-Watchlists
Login
Unerledigt
Login

WordPress Mobile Pack – Mobile Plugin for Progressive Web Apps & Hybrid Mobile Apps < 2.0.2 - Information Disclosure

The WordPress Mobile Pack plugin before 2.0.2 for WordPress does not properly restrict access to password protected posts, which allows remote attackers to obtain sensitive information via an exportarticles action to export/content.php.

Mögliche Gegenmaßnahme

WordPress Mobile Pack – Mobile Plugin for Progressive Web Apps & Hybrid Mobile Apps: Update to version 2.0.2, or a newer patched version

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 8

NVD 16 VulnDex Vulnerability Enrichment 1

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Wordpress Mobile Pack Project ≫ Wordpress Mobile Pack SwPlatformwordpress Version <= 2.0.1

Wordpress Mobile Pack Project ≫ Wordpress Mobile Pack Version1.2.0 SwPlatformwordpress

Wordpress Mobile Pack Project ≫ Wordpress Mobile Pack Version1.2.0 Updateb SwPlatformwordpress

Wordpress Mobile Pack Project ≫ Wordpress Mobile Pack Version1.2.0 Updateb2 SwPlatformwordpress

Wpmobilepack ≫ Wordpress Mobile Pack Version1.0.8223 SwPlatformwordpress

Wpmobilepack ≫ Wordpress Mobile Pack Version1.1.1 SwPlatformwordpress

Wpmobilepack ≫ Wordpress Mobile Pack Version1.1.2 SwPlatformwordpress

Wpmobilepack ≫ Wordpress Mobile Pack Version1.1.3 SwPlatformwordpress

Wpmobilepack ≫ Wordpress Mobile Pack Version1.1.9 SwPlatformwordpress

Wpmobilepack ≫ Wordpress Mobile Pack Version1.1.91 SwPlatformwordpress

Wpmobilepack ≫ Wordpress Mobile Pack Version1.1.92 SwPlatformwordpress

Wpmobilepack ≫ Wordpress Mobile Pack Version1.2.1 SwPlatformwordpress

Wpmobilepack ≫ Wordpress Mobile Pack Version1.2.3 SwPlatformwordpress

Wpmobilepack ≫ Wordpress Mobile Pack Version1.2.4 SwPlatformwordpress

Wpmobilepack ≫ Wordpress Mobile Pack Version1.2.5 SwPlatformwordpress

Wpmobilepack ≫ Wordpress Mobile Pack Version2.0 SwPlatformwordpress

Weitere Schwachstelleninformationen

SystemWordPress Plugin

≫

Produkt WordPress Mobile Pack – Mobile Plugin for Progressive Web Apps & Hybrid Mobile Apps

Version [*, 2.0.2)

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	16.99%	0.967

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	5	10	2.9	AV:N/AC:L/Au:N/C:P/I:N/A:N

Es wurden noch keine Informationen zu CWE veröffentlicht.

http://secunia.com/advisories/60584

http://wordpress.org/plugins/wordpress-mobile-pack/changelog/

Patch

http://www.securityfocus.com/bid/69292

https://security.dxw.com/advisories/information-disclosure-vulnerability-in-wordpress-mobile-pack-allows-anybody-to-read-password-protected-posts/

Exploit

https://www.wordfence.com/threat-intel/vulnerabilities/id/eb6bbbbb-b201-4fd5-8ee1-2369fb27070f

Third Party Advisory

https://nvd.nist.gov/vuln/detail/CVE-2014-5337

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2014-5337

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2014-5337

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2014-5337